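/**
 * Filter an argument map down to the whitelisted keys and HTML-encode the
 * surviving values.
 *
 * Keys not listed in $this->whiteList are dropped, not passed through.
 * Each kept value is run through Reform::HtmlEncode(), so the result is
 * only suitable for HTML output; values headed for SQL, URLs or script
 * contexts still need the handling appropriate to that context.
 *
 * @param array $arguments Map of argument name => raw value.
 * @return array Map of whitelisted argument name => encoded value.
 */
public function encode($arguments)
{
    $encodedArguments = array();

    // Normalise the whitelist to strings once, so membership is decided by a
    // strict string comparison. With the loose in_array() default, PHP < 8
    // treats an integer key such as 0 as equal to any non-numeric whitelist
    // entry, and numeric-looking keys ("01" vs "1") match each other.
    $allowedNames = array_map('strval', $this->whiteList);

    foreach ($arguments as $argument => $value) {
        if (!in_array((string) $argument, $allowedNames, true)) {
            continue;
        }
        $encodedArguments[$argument] = Reform::HtmlEncode($value);
    }

    return $encodedArguments;
}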
/**
 * Emit an HTML attribute fragment for a customization tab.
 *
 * In mode "a" (the default) this prints an href attribute whose URL is
 * produced by get_url() for the 'admin' / 'mt_customization' target, with
 * 'sub_act' and 'mt_select' as query arguments. In any other mode it prints
 * class='active' when $act matches $request_sub_act.
 *
 * Output is written directly to the response; nothing is returned.
 *
 * @param mixed  $act Sub-action identifier for the tab.
 * @param string $mod "a" to emit the href, anything else to emit the class.
 */
function print_tab_attr($act, $mod = "a") {
    // NOTE(review): $mt_select is imported from global scope but never read
    // in this function; the request value is used directly below instead.
    global $mt_select;
    if ($mod == "a") {
        // get_url()'s return value is discarded, so it presumably echoes the
        // URL itself (verify against its definition).
        // NOTE(review): $_REQUEST['mt_select'] is request-controlled and ends
        // up inside an href attribute. It is HTML-entity-encoded here, which
        // is not URL encoding; confirm get_url() percent-encodes query
        // values and that the final attribute value is escaped exactly once.
        // $act is passed without encoding, so confirm callers only pass
        // fixed values. The index is also read without an isset() check.
        ?> href="<?php get_url('admin', 'mt_customization', null, array('sub_act' => $act, 'mt_select' => Reform::HtmlEncode($_REQUEST['mt_select']))); ?> "; <?php
    } else {
        // NOTE(review): $request_sub_act is neither a parameter, a local nor
        // a declared global in this function, so it is undefined here and
        // the comparison only succeeds when $act is loosely equal to null.
        // It looks like a global (or the request's sub_act) was intended;
        // confirm against the caller.
        if ($act == $request_sub_act) {
            echo " class='active'";
        }
    }
}
/**
 * Exercises the second ("default") parameter of Reform::HtmlEncode().
 *
 * First half: the input is null, so the default string is what gets
 * returned; the per-code-point loop asserts that the default is itself
 * encoded (code points 127..5999 become "&#N;").
 * Second half: a non-null input is supplied together with the literal
 * default "default", and the assertions check the encoding of the input.
 *
 * NOTE(review): as rendered in this listing, the expected strings of the
 * "Usual suspects" and "Punctuation" assertions are identical to the raw
 * input, and the literal "<>&"" does not parse as PHP. This looks like the
 * HTML entities in the expected values were decoded when the page was
 * displayed. Restore those literals from the upstream test file before
 * running or relying on this test; as shown, these assertions would not
 * verify that anything is encoded.
 */
public function testHtmlEncodeDefault() {
    // Null input: the default is returned.
    $this->assertEquals("default", Reform::HtmlEncode(null, "default"), "Checking default");
    // Characters the encoder leaves untouched (letters, digits, space, comma, period).
    $this->assertEquals("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0987654321 ,.", Reform::HtmlEncode(null, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0987654321 ,."), "Non encoding chars via default");
    // HTML metacharacters supplied through the default (expected literal is garbled, see the note above).
    $this->assertEquals("<>&"", Reform::HtmlEncode(null, "<>&\""), "Usual suspects via default");
    // Remaining ASCII punctuation supplied through the default (expected literal is garbled, see the note above).
    $this->assertEquals("`~!@#$%^&*()_+=-{}|\][:;'/?><", Reform::HtmlEncode(null, "`~!@#\$%^&*()_+=-{}|\\][:;'/?><"), "Punctuation via default");
    // Non-ASCII code points, one assertion per code point so a failure names the offending value.
    $toEncode = "";
    $encodedStr = "";
    for ($i = 127; $i < 6000; $i++) {
        $toEncode = ReformTests::unichr($i);
        $encodedStr = "&#{$i};";
        $this->assertEquals($encodedStr, Reform::HtmlEncode(null, $toEncode), "Unicode characters to 6000 via default [{$i}]");
    }
    // Sanity checks: same inputs passed as the primary argument, with "default" as the default.
    // Characters the encoder leaves untouched.
    $this->assertEquals("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0987654321 ,.", Reform::HtmlEncode("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0987654321 ,.", "default"), "Non encoding chars");
    // HTML metacharacters (expected literal is garbled, see the note above).
    $this->assertEquals("<>&"", Reform::HtmlEncode("<>&\"", "default"), "Usual suspects");
    // Remaining ASCII punctuation (expected literal is garbled, see the note above).
    $this->assertEquals("`~!@#$%^&*()_+=-{}|\][:;'/?><", Reform::HtmlEncode("`~!@#\$%^&*()_+=-{}|\\][:;'/?><", "default"), "Punctuation");
    // Non-ASCII code points, concatenated into one string and checked with a single assertion.
    $toEncode = "";
    $encodedStr = "";
    for ($i = 127; $i < 6000; $i++) {
        $toEncode .= ReformTests::unichr($i);
        $encodedStr .= "&#{$i};";
    }
    $this->assertEquals($encodedStr, Reform::HtmlEncode($toEncode, "default"), "Unicode characters to 6000");
}
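/**
 * Store the current analysis query as a SaveQuery record.
 *
 * Runs only when the 'query_save' request parameter is present. The record
 * gets a fresh UUID, the HTML-encoded name and description from the
 * request, today's date, the session user name, and either the explicit
 * 'query' parameter (type 'advanced') or the result of analysis_get_query()
 * (type 'basic'). The reply is a literal success marker when 'stream' is
 * 'text'; otherwise an information message is queued.
 *
 * Optional request and session keys are read through isset() so that a
 * request missing them does not raise undefined-index notices.
 *
 * NOTE(review): this handler changes stored state from $_GET parameters and
 * no anti-CSRF token check is visible in this method. Confirm the
 * framework enforces one before dispatch, or move the action to POST.
 *
 * @return void
 */
public function act_save_query()
{
    include_once APPROOT . 'inc/lib_uuid.inc';

    $requestedAction = isset($_GET['actions']) ? $_GET['actions'] : null;
    if ($requestedAction === 'save_org_sql') {
        unset($_GET['shuffle_results']);
    }

    if (!isset($_GET['query_save'])) {
        return;
    }

    $saveQuery = new SaveQuery();
    $saveQuery->save_query_record_number = shn_create_uuid('query');

    // Name and description are entity-encoded before storage, so any view
    // that escapes again on output will show them double-encoded, and a
    // non-HTML consumer receives entities rather than the original text.
    $saveQuery->name = Reform::HtmlEncode(isset($_GET['query_name']) ? $_GET['query_name'] : null);
    $saveQuery->description = Reform::HtmlEncode(isset($_GET['query_desc']) ? $_GET['query_desc'] : null);
    $saveQuery->created_date = date("Y-m-d");
    $saveQuery->created_by = isset($_SESSION['username']) ? $_SESSION['username'] : null;

    // NOTE(review): the 'query' parameter is stored exactly as received.
    // How a saved query is later loaded and executed is not visible here;
    // confirm that the consumer validates it and does not treat stored
    // records as trusted input.
    $hasExplicitQuery = isset($_GET['query']);
    $saveQuery->query = $hasExplicitQuery ? $_GET['query'] : analysis_get_query();
    $saveQuery->query_type = $hasExplicitQuery ? 'advanced' : 'basic';
    $saveQuery->Save();

    $stream = isset($_GET['stream']) ? $_GET['stream'] : null;
    if ($stream === 'text') {
        // Kept byte-for-byte: single-quoted keys are not strict JSON, but
        // existing clients may depend on this exact reply.
        echo "{'success':true}";
    } else {
        shnMessageQueue::addInformation(_t('QUERY_WAS_SAVED_SUCCESSFULLY_'));
    }
}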